Security - Manual Exploitation?
SephStorm
All,
Many of us are familiar with Metasploit, and its point-and-click exploitation capability. However we also know that many updated exploits may not be in Metasploit for whatever reason. If you find an exploit online, you may want to use it. Now I know Metasploit can import exploits, but I'm sure that process is somewhat involved, and I will get into that later. When I watched Vivek's MSFE video, I believe at one point he downloads and compiles a MS03-026 exploit and manually points it at the target and exploits it. Is this a common functionality? Is this commonly how exploits are manually launched, or is everything imported into MSF?
Comments
wes allen
I am far from an expert, but I think most exploits start as POC code in either C, Python, Ruby, Perl, etc. And only a fraction end up in MSF. Browse http://www.exploit-db.com/ and you will find lots of non-MSF exploits. OSCP focuses mostly on non-MSF stuff.
EDIT: As an example, here is Python code for MS08-067: http://www.exploit-db.com/exploits/7132/
NovaHax
Yeah, what Wes said. Metasploit is great because it standardizes everything...but most exploits start out first as PoC scripts (exploit-db is pretty much the authoritative source). These scripts can often require significant modifications to make them actually useful. Many will have hardcoded IP and port addresses, hardcoded credentials, useless shellcodes (like opening calc.exe), etc...
SephStorm
So unless you know coding and can get the code working there's no way to send the code to a system?
wes allen
Many times you just need to make simple changes that don't really require much programming. Like swapping out the shellcode for something specific to your host (like where to send a reverse shell). You just use something like msfvenom to output the shellcode, then replace the shellcode in the exploit. It gets tricky if there is a size limit though. Also, different OS patch levels can mean different memory addresses, so you have to be able to find the correct addresses and then make changes - which doesn't really take a lot of programming, but you do need to understand assembly and debuggers.
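NovaHax and Wes both describe what a downloaded PoC usually contains: hard-coded target IP and port, hard-coded credentials, an embedded shellcode blob (often a placeholder such as calc.exe), and return addresses that are only valid for one OS patch level. A script pulled from exploit-db is untrusted code, so the first step in a lab is to read it and find exactly those items before anything is executed. The following is an added example, not code from this thread or from exploit-db: a small static triage tool that scans a PoC's source text with regular expressions and reports each hard-coded item with its line number. The sample PoC fragment, its byte string and its address value are constructed placeholders, not a real exploit.

```python
"""Static triage of a third-party proof-of-concept script before anyone runs it.

Reports the things a PoC typically has hard-coded (target address and port,
credentials, an embedded shellcode blob, a placeholder payload such as
calc.exe, version-specific addresses) so the reviewer knows what the script
contains and what would need changing. Pure text scanning; it never executes
the script. (Added example; not code from the thread.)
"""
import re
from dataclasses import dataclass

# Constructed sample PoC fragment. Not real exploit code: the bytes are a
# NOP/int3 filler and the address is a placeholder, both made up for this demo.
SAMPLE_POC = r'''#!/usr/bin/env python
import socket, sys
host = "192.168.1.50"
port = 445
username = "administrator"
password = "Passw0rd!"
# payload: windows/exec calc.exe
shellcode = ("\x90\x90\x90\x90\x90\x90\xcc\xcc"
             "\x90\x90\x90\x90\xcc\xcc\xcc\xcc")
ret = 0x41414141   # return address, only valid for one patch level
s = socket.socket()
s.connect((host, port))
'''

# (kind, pattern, reviewer note). Heuristic: an IPv4-looking literal may also be
# a version string, so every hit is something to look at, not a verdict.
CHECKS = [
    ("ip", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
     "hard-coded target address"),
    ("port", re.compile(r"\bport\s*=\s*\d{1,5}\b", re.I),
     "hard-coded target port"),
    ("credential",
     re.compile(r"\b(?:user(?:name)?|pass(?:word|wd)?)\s*=\s*[\"'][^\"']*[\"']", re.I),
     "hard-coded credential"),
    ("shellcode", re.compile(r"(?:\\x[0-9a-fA-F]{2}){6,}"),
     "embedded shellcode bytes: determine what they do before running"),
    ("placeholder_payload", re.compile(r"calc\.exe", re.I),
     "placeholder payload; the PoC only demonstrates code execution"),
    ("address", re.compile(r"\b0x[0-9a-fA-F]{8}\b"),
     "hard-coded address; likely valid for a single OS build/patch level"),
]


@dataclass
class Finding:
    line: int
    kind: str
    snippet: str
    note: str


def triage(source: str) -> list:
    """Scan PoC source text line by line and return every Finding in file order."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for kind, pattern, note in CHECKS:
            for match in pattern.finditer(line):
                findings.append(Finding(lineno, kind, match.group(0), note))
    return findings


def summarize(findings) -> dict:
    """Count findings per kind, e.g. {'ip': 1, 'credential': 2, ...}."""
    counts = {}
    for finding in findings:
        counts[finding.kind] = counts.get(finding.kind, 0) + 1
    return counts


def review(source: str) -> str:
    """Human-readable report: one line per finding."""
    return "\n".join(
        f"line {f.line:>3} [{f.kind}] {f.snippet!r}: {f.note}"
        for f in triage(source)
    )


if __name__ == "__main__":
    print(review(SAMPLE_POC))
    print("summary:", summarize(triage(SAMPLE_POC)))
```

Run it against any PoC file with `triage(open(path).read())`. The regexes are deliberately loose: the goal is to make every hard-coded value visible to the reviewer, including the shellcode bytes, whose behaviour must be understood (for example by disassembling them) before the script is ever run in a lab.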
SephStorm
lol, definitely not there yet, I've decided to take a step back, focus on my original goal for the moment.
veritas_libertas
Something I'm learning quickly is that in order to be good at Information Security you must understand programming. You don't have to be great at it, but you must have at least a beginner's knowledge. This is why I'm trying to teach myself Python and then move onto C.